aboutsummaryrefslogtreecommitdiff
path: root/backend/tests/login.rs
blob: b4e07e32c4c7289de858ca2eba86dcacdde4fe65 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
#![feature(async_closure)]
extern crate mozaic4_backend;

use rocket::http::{ContentType, Header, Status};

mod util;
use util::run_test;

pub struct BearerAuth {
    token: String,
}

impl BearerAuth {
    pub fn new(token: String) -> Self {
        Self { token }
    }
}

impl<'a> Into<Header<'a>> for BearerAuth {
    fn into(self) -> Header<'a> {
        Header::new("Authorization", format!("Bearer {}", self.token))
    }
}

#[rocket::async_test]
async fn test_registration() {
    run_test(async move |client, _conn| {
        let response = client
            .post("/register")
            .header(ContentType::JSON)
            .body(r#"{"username": "piepkonijn", "password": "geheim123"}"#)
            .dispatch()
            .await;

        assert_eq!(response.status(), Status::Ok);
        assert_eq!(response.content_type(), Some(ContentType::JSON));

        let response = client
            .post("/login")
            .header(ContentType::JSON)
            .body(r#"{"username": "piepkonijn", "password": "geheim123"}"#)
            .dispatch()
            .await;

        assert_eq!(response.status(), Status::Ok);
        let token = response.into_string().await.unwrap();

        let response = client
            .get("/users/me")
            .header(BearerAuth::new(token))
            .dispatch()
            .await;

        assert_eq!(response.status(), Status::Ok);
        assert_eq!(response.content_type(), Some(ContentType::JSON));
        let resp = response.into_string().await.unwrap();
        let json: serde_json::Value = serde_json::from_str(&resp).unwrap();
        assert_eq!(json["username"], "piepkonijn");
    }).await
}

#[rocket::async_test]
async fn test_reject_invalid_credentials() {
    run_test(async move |client, _conn| {
        let response = client
            .post("/login")
            .header(ContentType::JSON)
            .body(r#"{"username": "piepkonijn", "password": "letmeinplease"}"#)
            .dispatch()
            .await;

        assert_eq!(response.status(), Status::Forbidden);
        // assert_eq!(response.content_type(), Some(ContentType::JSON));
    }).await
}